<!doctype html>
<html lang="en-US">
	<body onload="run()">
	</body>
</html>
<script>
	'use strict';

	function run() {
		var oauth2 = window.opener.swaggerUIRedirectOauth2;
		var sentState = oauth2.state;
		var redirectUrl = oauth2.redirectUrl;
		var isValid, qp, arr;

		qp = (window.location.hash || location.search).substring(1);

		arr = qp.split("&")
		arr.forEach(function (v, i, _arr) {
			_arr[i] = '"' + v.replace('=', '":"') + '"';
		})
		qp = qp ? JSON.parse('{' + arr.join() + '}',
			function (key, value) {
				return key === "" ? value : decodeURIComponent(value)
			}
		) : {}

		isValid = qp.state === sentState

		if (oauth2.auth.schema.get("flow") === "accessCode" && !oauth2.auth.code) {
			if (!isValid) {
				oauth2.errCb({
					authId: oauth2.auth.name,
					source: "auth",
					level: "warning",
					message: "Authorization may be unsafe, passed state was changed in server Passed state wasn't returned from auth server"
				});
			}

			if (qp.code) {
				delete oauth2.state;
				oauth2.auth.code = qp.code;
				oauth2.callback({auth: oauth2.auth, redirectUrl: redirectUrl});
			} else {
				oauth2.errCb({
					authId: oauth2.auth.name,
					source: "auth",
					level: "error",
					message: "Authorization failed: no accessCode received from the server"
				});
			}
		} else {
			oauth2.callback({auth: oauth2.auth, token: qp, isValid: isValid, redirectUrl: redirectUrl});
		}
		window.close();
	}
</script>
